
Vulnerability Classes

A vulnerability class is a set of vulnerabilities that share some unifying commonality, a pattern or concept that isolates a specific feature shared by several different software flaws.

Essentially a vulnerability class is a mental device to conceptualize software flaws. -TAOSSA

A common vulnerability class might be a stack overflow (a buffer trying to hold too much data) or a use-after-free (a pointer to a valid memory location that is subsequently freed and then used).

There are several sources for lists of classes, the largest being the Common Weakness Enumeration (CWE) list.
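The two classes named above, each shown as the flawed pattern beside a checked form. This is an added example, not code from TAOSSA or CWE; the function names, the 16-byte buffer and the `cache` struct are hypothetical, and the flawed variants are defined for comparison but never called.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Class: stack overflow (CWE-121). Nothing checks the input length before
 * the copy into a fixed-size stack buffer, so a long name writes past buf. */
size_t label_len_vulnerable(const char *name) {
    char buf[16];
    strcpy(buf, name);                  /* flaw: unbounded copy */
    return strlen(buf);
}

/* Same operation with the bound enforced; oversized input is rejected. */
int label_len_checked(const char *name) {
    char buf[16];
    size_t n = strlen(name);
    if (n >= sizeof buf) return -1;     /* would not fit with its NUL */
    memcpy(buf, name, n + 1);
    return (int)strlen(buf);
}

/* Class: use-after-free (CWE-416). The cache keeps its pointer after the
 * free, so a later cache_read() would dereference released memory. */
struct cache { char *entry; };

void cache_drop_vulnerable(struct cache *c) { free(c->entry); } /* flaw: dangling */

/* Same operation, clearing the pointer so later reads can detect the drop. */
void cache_drop_checked(struct cache *c) { free(c->entry); c->entry = NULL; }

/* Returns the entry length, or -1 when the cache holds nothing. */
int cache_read(const struct cache *c) { return c->entry ? (int)strlen(c->entry) : -1; }

/* Constructed scenario: fill the cache, drop it safely, then read it. */
int demo_read_after_checked_drop(void) {
    struct cache c = { malloc(8) };
    if (!c.entry) return -2;
    strcpy(c.entry, "token");
    cache_drop_checked(&c);
    return cache_read(&c);              /* -1: the drop is visible to readers */
}

int main(void) {
    printf("%d %d %d\n", label_len_checked("short"),
           label_len_checked("a-name-longer-than-sixteen-bytes"),
           demo_read_after_checked_drop());
    return 0;
}
```

The two flawed functions share no code, yet each is recognizable by its class pattern: a copy with no bound, and a pointer that outlives its allocation.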